#!/bin/bash
# 修复请求头过大(413错误)的智能运维脚本
FIX_CODE_ID="largeheader"

# 定义服务配置文件路径
NGINX_CONF_PATHS=(
    "/etc/nginx/nginx.conf"
    "/etc/nginx/conf.d/default.conf"
    "/usr/local/nginx/conf/nginx.conf"
)

APACHE_CONF_PATHS=(
    "/etc/apache2/apache2.conf"
    "/etc/httpd/conf/httpd.conf"
    "/etc/apache2/sites-available/default.conf"
)

# 备份文件函数
backup_file() {
    local file="$1"
    if [ -f "$file" ]; then
        local backup="${file}.bak.$(date +%Y%m%d%H%M%S)"
        cp -a "$file" "$backup"
        echo "已备份配置文件: $backup"
    fi
}

# 修复Nginx配置
fix_nginx() {
    local found=0
    for conf in "${NGINX_CONF_PATHS[@]}"; do
        if [ -f "$conf" ]; then
            found=1
            echo "正在处理Nginx配置: $conf"
            
            # 创建备份
            backup_file "$conf"
            
            # 检查是否已存在相关配置
            if grep -qE '^[[:space:]]*client_header_buffer_size' "$conf"; then
                sed -i 's/^[[:space:]]*client_header_buffer_size.*/client_header_buffer_size 1k;/' "$conf"
            else
                sed -i '/http {/a \    client_header_buffer_size 1k;' "$conf"
            fi
            
            # 增加大请求头缓冲区配置
            if ! grep -qE '^[[:space:]]*large_client_header_buffers' "$conf"; then
                sed -i '/client_header_buffer_size/a \    large_client_header_buffers 4 8k;' "$conf"
            else
                sed -i 's/^[[:space:]]*large_client_header_buffers.*/large_client_header_buffers 4 8k;/' "$conf"
            fi
            
            echo "Nginx配置已更新"
        fi
    done
    
    if [ $found -eq 1 ]; then
        # 检查Nginx配置并重启服务
        if command -v nginx &> /dev/null; then
            if nginx -t &> /dev/null; then
                echo "重启Nginx服务..."
                systemctl restart nginx &> /dev/null || service nginx restart &> /dev/null
                echo "Nginx服务已重启"
            else
                echo "Nginx配置验证失败，请手动检查"
            fi
        fi
        return 0
    fi
    return 1
}

# 修复Apache配置
fix_apache() {
    local found=0
    for conf in "${APACHE_CONF_PATHS[@]}"; do
        if [ -f "$conf" ]; then
            found=1
            echo "正在处理Apache配置: $conf"
            
            # 创建备份
            backup_file "$conf"
            
            # 设置请求头大小限制
            if grep -qE '^[[:space:]]*LimitRequestFieldSize' "$conf"; then
                sed -i 's/^[[:space:]]*LimitRequestFieldSize.*/LimitRequestFieldSize 65536/' "$conf"
            else
                sed -i '/<IfModule mod_headers.c>/a \    LimitRequestFieldSize 65536' "$conf"
                # 如果没有mod_headers模块配置，则直接添加
                if [ $? -ne 0 ]; then
                    echo "LimitRequestFieldSize 65536" >> "$conf"
                fi
            fi
            
            # 设置请求字段数量限制
            if grep -qE '^[[:space:]]*LimitRequestFields' "$conf"; then
                sed -i 's/^[[:space:]]*LimitRequestFields.*/LimitRequestFields 100/' "$conf"
            else
                sed -i '/LimitRequestFieldSize/a \    LimitRequestFields 100' "$conf"
                if [ $? -ne 0 ]; then
                    echo "LimitRequestFields 100" >> "$conf"
                fi
            fi
            
            echo "Apache配置已更新"
        fi
    done
    
    if [ $found -eq 1 ]; then
        # 重启Apache服务
        if command -v apachectl &> /dev/null; then
            if apachectl configtest &> /dev/null; then
                echo "重启Apache服务..."
                systemctl restart apache2 &> /dev/null || systemctl restart httpd &> /dev/null || service apache2 restart &> /dev/null
                echo "Apache服务已重启"
            else
                echo "Apache配置验证失败，请手动检查"
            fi
        fi
        return 0
    fi
    return 1
}

# 主逻辑
echo "开始修复请求头过大(413错误)..."

# 先尝试修复Nginx
if ! fix_nginx; then
    echo "未找到Nginx配置，尝试修复Apache..."
    # 再尝试修复Apache
    if ! fix_apache; then
        echo "未找到Nginx或Apache配置文件，请手动配置Web服务器的请求头大小限制"
        exit 1
    fi
fi

echo "请求头过大(413错误)修复完成"
exit 0
